lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1370275373.24512.37.camel@zakaz.uk.xensource.com>
Date:	Mon, 3 Jun 2013 17:02:53 +0100
From:	Ian Campbell <Ian.Campbell@...rix.com>
To:	Stephen Warren <swarren@...dotorg.org>
CC:	Grant Likely <grant.likely@...aro.org>,
	Rob Herring <rob.herring@...xeda.com>,
	<devicetree-discuss@...ts.ozlabs.org>,
	<linux-kernel@...r.kernel.org>, <linuxppc-dev@...ts.ozlabs.org>,
	Michal Marek <mmarek@...e.cz>, <linux-kbuild@...r.kernel.org>,
	<jdl@....com>, Stephen Warren <swarren@...dia.com>
Subject: Re: [PATCH] dtc: ensure #line directives don't consume data from
 the next line

On Mon, 2013-06-03 at 09:36 -0600, Stephen Warren wrote:
> From: Stephen Warren <swarren@...dia.com>
> 
> Previously, the #line parsing regex ended with ({WS}+[0-9]+)?. The {WS}
> could match line-break characters. If the #line directive did not contain
> the optional flags field at the end, this could cause any integer data on
> the next line to be consumed as part of the #line directive parsing. This
> could cause syntax errors (i.e. #line parsing consuming the leading 0
> from a hex literal 0x1234, leaving x1234 to be parsed as cell data,
> which is a syntax error), or invalid compilation results (i.e. simply
> consuming literal 1234 as part of the #line processing, thus removing it
> from the cell data).
> 
> Fix this by replacing {WS} with [ \t] so that it can't match line-breaks.
> 
> Convert all instances of {WS}, even though the other instances should be
> irrelevant for any well-formed #line directive. This is done for
> consistency and ultimate safety.
> 
> This is a port of upstream dtc commit a1ee6f0 (with same subject) to the
> kernel's copy of dtc.

FWIW I have tested the upstream commit via my device-tree.git. If that
is considered sufficient then it is OK by me to apply
   Tested-by: Ian Campbell <ian.campbell@...rix.com>
to this change too.

> 
> Reported-by: Ian Campbell <Ian.Campbell@...rix.com>
> Signed-off-by: Stephen Warren <swarren@...dia.com>
> ---
> This is a fix for 3.10.
> 
>  scripts/dtc/dtc-lexer.l             |    2 +-
>  scripts/dtc/dtc-lexer.lex.c_shipped |  232 +++++++++++++++++------------------
>  2 files changed, 117 insertions(+), 117 deletions(-)
> 
> diff --git a/scripts/dtc/dtc-lexer.l b/scripts/dtc/dtc-lexer.l
> index 254d5af..3b41bfc 100644
> --- a/scripts/dtc/dtc-lexer.l
> +++ b/scripts/dtc/dtc-lexer.l
> @@ -71,7 +71,7 @@ static int pop_input_file(void);
>  			push_input_file(name);
>  		}
>  
> -<*>^"#"(line)?{WS}+[0-9]+{WS}+{STRING}({WS}+[0-9]+)? {
> +<*>^"#"(line)?[ \t]+[0-9]+[ \t]+{STRING}([ \t]+[0-9]+)? {
>  			char *line, *tmp, *fn;
>  			/* skip text before line # */
>  			line = yytext;
> diff --git a/scripts/dtc/dtc-lexer.lex.c_shipped b/scripts/dtc/dtc-lexer.lex.c_shipped
> index a6c5fcd..2d30f41 100644
> --- a/scripts/dtc/dtc-lexer.lex.c_shipped
> +++ b/scripts/dtc/dtc-lexer.lex.c_shipped
> @@ -405,19 +405,19 @@ static yyconst flex_int16_t yy_accept[161] =
>  static yyconst flex_int32_t yy_ec[256] =
>      {   0,
>          1,    1,    1,    1,    1,    1,    1,    1,    2,    3,
> -        2,    2,    2,    1,    1,    1,    1,    1,    1,    1,
> +        4,    4,    4,    1,    1,    1,    1,    1,    1,    1,
>          1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
> -        1,    2,    4,    5,    6,    1,    1,    7,    8,    1,
> -        1,    9,   10,   10,   11,   10,   12,   13,   14,   15,
> -       15,   15,   15,   15,   15,   15,   15,   16,    1,   17,
> -       18,   19,   10,   10,   20,   20,   20,   20,   20,   20,
> -       21,   21,   21,   21,   21,   22,   21,   21,   21,   21,
> -       21,   21,   21,   21,   23,   21,   21,   24,   21,   21,
> -        1,   25,   26,    1,   21,    1,   20,   27,   28,   29,
> -
> -       30,   20,   21,   21,   31,   21,   21,   32,   33,   34,
> -       35,   36,   21,   37,   38,   39,   40,   41,   21,   24,
> -       42,   21,   43,   44,   45,    1,    1,    1,    1,    1,
> +        1,    2,    5,    6,    7,    1,    1,    8,    9,    1,
> +        1,   10,   11,   11,   12,   11,   13,   14,   15,   16,
> +       16,   16,   16,   16,   16,   16,   16,   17,    1,   18,
> +       19,   20,   11,   11,   21,   21,   21,   21,   21,   21,
> +       22,   22,   22,   22,   22,   23,   22,   22,   22,   22,
> +       22,   22,   22,   22,   24,   22,   22,   25,   22,   22,
> +        1,   26,   27,    1,   22,    1,   21,   28,   29,   30,
> +
> +       31,   21,   22,   22,   32,   22,   22,   33,   34,   35,
> +       36,   37,   22,   38,   39,   40,   41,   42,   22,   25,
> +       43,   22,   44,   45,   46,    1,    1,    1,    1,    1,
>          1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
>          1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
>          1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
> @@ -434,36 +434,36 @@ static yyconst flex_int32_t yy_ec[256] =
>          1,    1,    1,    1,    1
>      } ;
>  
> -static yyconst flex_int32_t yy_meta[46] =
> +static yyconst flex_int32_t yy_meta[47] =
>      {   0,
> -        1,    1,    1,    1,    1,    2,    3,    1,    2,    2,
> -        2,    4,    5,    5,    5,    6,    1,    1,    1,    7,
> -        8,    8,    8,    8,    1,    1,    7,    7,    7,    7,
> -        8,    8,    8,    8,    8,    8,    8,    8,    8,    8,
> -        8,    8,    3,    1,    1
> +        1,    1,    1,    1,    1,    1,    2,    3,    1,    2,
> +        2,    2,    4,    5,    5,    5,    6,    1,    1,    1,
> +        7,    8,    8,    8,    8,    1,    1,    7,    7,    7,
> +        7,    8,    8,    8,    8,    8,    8,    8,    8,    8,
> +        8,    8,    8,    3,    1,    1
>      } ;
>  
>  static yyconst flex_int16_t yy_base[175] =
>      {   0,
> -        0,  388,  381,   40,   41,  386,   71,  385,   34,   44,
> -      390,  395,   60,   62,  371,  112,  111,  111,  111,  104,
> -      370,  106,  371,  342,  124,  119,    0,  144,  395,    0,
> -      123,    0,  159,  153,  165,  167,  395,  130,  395,  382,
> -      395,    0,  372,  122,  395,  157,  374,  379,  350,   21,
> -      346,  349,  395,  395,  395,  395,  395,  362,  395,  395,
> -      181,  346,  342,  395,  359,    0,  191,  343,  190,  351,
> -      350,    0,    0,    0,  173,  362,  177,  367,  357,  329,
> -      335,  328,  337,  331,  206,  329,  334,  327,  395,  338,
> -      170,  314,  346,  345,  318,  325,  343,  158,  316,  212,
> -
> -      322,  319,  320,  395,  340,  336,  308,  305,  314,  304,
> -      295,  138,  208,  220,  395,  292,  305,  265,  264,  254,
> -      201,  222,  285,  275,  273,  270,  236,  235,  225,  115,
> -      395,  395,  252,  216,  216,  217,  214,  230,  209,  220,
> -      213,  239,  211,  217,  216,  209,  229,  395,  240,  225,
> -      206,  169,  395,  395,  116,  106,   99,   54,  395,  395,
> -      254,  260,  268,  272,  276,  282,  289,  293,  301,  309,
> -      313,  319,  327,  335
> +        0,  385,  378,   40,   41,  383,   72,  382,   34,   44,
> +      388,  393,   61,  117,  368,  116,  115,  115,  115,   48,
> +      367,  107,  368,  339,  127,  120,    0,  147,  393,    0,
> +      127,    0,  133,  156,  168,  153,  393,  125,  393,  380,
> +      393,    0,  369,  127,  393,  160,  371,  377,  347,   21,
> +      343,  346,  393,  393,  393,  393,  393,  359,  393,  393,
> +      183,  343,  339,  393,  356,    0,  183,  340,  187,  348,
> +      347,    0,    0,    0,  178,  359,  195,  365,  354,  326,
> +      332,  325,  334,  328,  204,  326,  331,  324,  393,  335,
> +      150,  311,  343,  342,  315,  322,  340,  179,  313,  207,
> +
> +      319,  316,  317,  393,  337,  333,  305,  302,  311,  301,
> +      310,  190,  338,  337,  393,  307,  322,  301,  305,  277,
> +      208,  311,  307,  278,  271,  270,  248,  246,  213,  130,
> +      393,  393,  263,  235,  207,  221,  218,  229,  213,  213,
> +      206,  234,  218,  210,  208,  193,  219,  393,  223,  204,
> +      176,  157,  393,  393,  120,  106,   97,  119,  393,  393,
> +      245,  251,  259,  263,  267,  273,  280,  284,  292,  300,
> +      304,  310,  318,  326
>      } ;
>  
>  static yyconst flex_int16_t yy_def[175] =
> @@ -489,108 +489,108 @@ static yyconst flex_int16_t yy_def[175] =
>        160,  160,  160,  160
>      } ;
>  
> -static yyconst flex_int16_t yy_nxt[441] =
> +static yyconst flex_int16_t yy_nxt[440] =
>      {   0,
> -       12,   13,   14,   15,   16,   12,   17,   18,   12,   12,
> -       12,   19,   12,   12,   12,   12,   20,   21,   22,   23,
> -       23,   23,   23,   23,   12,   12,   23,   23,   23,   23,
> +       12,   13,   14,   13,   15,   16,   12,   17,   18,   12,
> +       12,   12,   19,   12,   12,   12,   12,   20,   21,   22,
> +       23,   23,   23,   23,   23,   12,   12,   23,   23,   23,
>         23,   23,   23,   23,   23,   23,   23,   23,   23,   23,
> -       23,   23,   12,   24,   12,   25,   34,   35,   35,   25,
> -       81,   26,   26,   27,   27,   27,   34,   35,   35,   82,
> -       28,   36,   36,   36,   36,  159,   29,   28,   28,   28,
> -       28,   12,   13,   14,   15,   16,   30,   17,   18,   30,
> -       30,   30,   26,   30,   30,   30,   12,   20,   21,   22,
> -       31,   31,   31,   31,   31,   32,   12,   31,   31,   31,
> +       23,   23,   23,   12,   24,   12,   25,   34,   35,   35,
> +       25,   81,   26,   26,   27,   27,   27,   34,   35,   35,
> +       82,   28,   36,   36,   36,   53,   54,   29,   28,   28,
> +       28,   28,   12,   13,   14,   13,   15,   16,   30,   17,
> +       18,   30,   30,   30,   26,   30,   30,   30,   12,   20,
> +       21,   22,   31,   31,   31,   31,   31,   32,   12,   31,
>  
>         31,   31,   31,   31,   31,   31,   31,   31,   31,   31,
> -       31,   31,   31,   12,   24,   12,   39,   41,   45,   47,
> -       53,   54,   48,   56,   57,   61,   61,   47,   66,   45,
> -       48,   66,   66,   66,   39,   46,   40,   49,   59,   50,
> -      158,   51,  122,   52,  157,   49,   46,   50,  136,   63,
> -      137,   52,  156,   43,   40,   62,   65,   65,   65,   59,
> -       61,   61,  123,   65,   75,   69,   69,   69,   36,   36,
> -       65,   65,   65,   65,   70,   71,   72,   69,   69,   69,
> -       45,   46,   61,   61,  109,   77,   70,   71,   93,  110,
> -       68,   70,   71,   85,   85,   85,   66,   46,  155,   66,
> -
> -       66,   66,   69,   69,   69,  122,   59,  100,  100,   61,
> -       61,   70,   71,  100,  100,  148,  112,  154,   85,   85,
> -       85,   61,   61,  129,  129,  123,  129,  129,  135,  135,
> -      135,  142,  142,  148,  143,  149,  153,  135,  135,  135,
> -      142,  142,  160,  143,  152,  151,  150,  146,  145,  144,
> -      141,  140,  139,  149,   38,   38,   38,   38,   38,   38,
> -       38,   38,   42,  138,  134,  133,   42,   42,   44,   44,
> -       44,   44,   44,   44,   44,   44,   58,   58,   58,   58,
> -       64,  132,   64,   66,  131,  130,   66,  160,   66,   66,
> -       67,  128,  127,   67,   67,   67,   67,   73,  126,   73,
> -
> -       73,   76,   76,   76,   76,   76,   76,   76,   76,   78,
> -       78,   78,   78,   78,   78,   78,   78,   91,  125,   91,
> -       92,  124,   92,   92,  120,   92,   92,  121,  121,  121,
> -      121,  121,  121,  121,  121,  147,  147,  147,  147,  147,
> -      147,  147,  147,  119,  118,  117,  116,  115,   47,  114,
> -      110,  113,  111,  108,  107,  106,   48,  105,  104,   89,
> -      103,  102,  101,   99,   98,   97,   96,   95,   94,   79,
> -       77,   90,   89,   88,   59,   87,   86,   59,   84,   83,
> -       80,   79,   77,   74,  160,   60,   59,   55,   37,  160,
> -       33,   25,   26,   25,   11,  160,  160,  160,  160,  160,
> +       31,   31,   31,   31,   31,   12,   24,   12,   36,   36,
> +       36,   39,   41,   45,   47,   56,   57,   48,   61,   47,
> +       39,  159,   48,   66,   61,   45,   66,   66,   66,  158,
> +       46,   40,   49,   59,   50,  157,   51,   49,   52,   50,
> +       40,   63,   46,   52,   36,   36,   36,  156,   43,   62,
> +       65,   65,   65,   59,  136,   68,  137,   65,   75,   69,
> +       69,   69,   70,   71,   65,   65,   65,   65,   70,   71,
> +       72,   69,   69,   69,   61,   46,   45,  155,  154,   66,
> +       70,   71,   66,   66,   66,  122,   85,   85,   85,   59,
> +
> +       69,   69,   69,   46,   77,  100,  109,   93,  100,   70,
> +       71,  110,  112,  122,  129,  123,  153,   85,   85,   85,
> +      135,  135,  135,  148,  148,  160,  135,  135,  135,  152,
> +      142,  142,  142,  123,  143,  142,  142,  142,  151,  143,
> +      150,  146,  145,  149,  149,   38,   38,   38,   38,   38,
> +       38,   38,   38,   42,  144,  141,  140,   42,   42,   44,
> +       44,   44,   44,   44,   44,   44,   44,   58,   58,   58,
> +       58,   64,  139,   64,   66,  138,  134,   66,  133,   66,
> +       66,   67,  132,  131,   67,   67,   67,   67,   73,  130,
> +       73,   73,   76,   76,   76,   76,   76,   76,   76,   76,
> +
> +       78,   78,   78,   78,   78,   78,   78,   78,   91,  160,
> +       91,   92,  129,   92,   92,  128,   92,   92,  121,  121,
> +      121,  121,  121,  121,  121,  121,  147,  147,  147,  147,
> +      147,  147,  147,  147,  127,  126,  125,  124,   61,   61,
> +      120,  119,  118,  117,  116,  115,   47,  114,  110,  113,
> +      111,  108,  107,  106,   48,  105,  104,   89,  103,  102,
> +      101,   99,   98,   97,   96,   95,   94,   79,   77,   90,
> +       89,   88,   59,   87,   86,   59,   84,   83,   80,   79,
> +       77,   74,  160,   60,   59,   55,   37,  160,   33,   25,
> +       26,   25,   11,  160,  160,  160,  160,  160,  160,  160,
>  
>        160,  160,  160,  160,  160,  160,  160,  160,  160,  160,
>        160,  160,  160,  160,  160,  160,  160,  160,  160,  160,
>        160,  160,  160,  160,  160,  160,  160,  160,  160,  160,
> -      160,  160,  160,  160,  160,  160,  160,  160,  160,  160
> +      160,  160,  160,  160,  160,  160,  160,  160,  160
>      } ;
>  
> -static yyconst flex_int16_t yy_chk[441] =
> +static yyconst flex_int16_t yy_chk[440] =
>      {   0,
>          1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
>          1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
>          1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
>          1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
> -        1,    1,    1,    1,    1,    4,    9,    9,    9,   10,
> -       50,    4,    5,    5,    5,    5,   10,   10,   10,   50,
> -        5,   13,   13,   14,   14,  158,    5,    5,    5,    5,
> -        5,    7,    7,    7,    7,    7,    7,    7,    7,    7,
> +        1,    1,    1,    1,    1,    1,    4,    9,    9,    9,
> +       10,   50,    4,    5,    5,    5,    5,   10,   10,   10,
> +       50,    5,   13,   13,   13,   20,   20,    5,    5,    5,
> +        5,    5,    7,    7,    7,    7,    7,    7,    7,    7,
>          7,    7,    7,    7,    7,    7,    7,    7,    7,    7,
>          7,    7,    7,    7,    7,    7,    7,    7,    7,    7,
>  
>          7,    7,    7,    7,    7,    7,    7,    7,    7,    7,
> -        7,    7,    7,    7,    7,    7,   16,   17,   18,   19,
> -       20,   20,   19,   22,   22,   25,   25,   26,   31,   44,
> -       26,   31,   31,   31,   38,   18,   16,   19,   31,   19,
> -      157,   19,  112,   19,  156,   26,   44,   26,  130,   26,
> -      130,   26,  155,   17,   38,   25,   28,   28,   28,   28,
> -       33,   33,  112,   28,   46,   34,   34,   34,   36,   36,
> -       28,   28,   28,   28,   34,   34,   34,   35,   35,   35,
> -       75,   46,   61,   61,   98,   77,   35,   35,   77,   98,
> -       33,   91,   91,   61,   61,   61,   67,   75,  152,   67,
> -
> -       67,   67,   69,   69,   69,  121,   67,   85,   85,  113,
> -      113,   69,   69,  100,  100,  143,  100,  151,   85,   85,
> -       85,  114,  114,  122,  122,  121,  129,  129,  135,  135,
> -      135,  138,  138,  147,  138,  143,  150,  129,  129,  129,
> -      142,  142,  149,  142,  146,  145,  144,  141,  140,  139,
> -      137,  136,  134,  147,  161,  161,  161,  161,  161,  161,
> -      161,  161,  162,  133,  128,  127,  162,  162,  163,  163,
> -      163,  163,  163,  163,  163,  163,  164,  164,  164,  164,
> -      165,  126,  165,  166,  125,  124,  166,  123,  166,  166,
> -      167,  120,  119,  167,  167,  167,  167,  168,  118,  168,
> -
> -      168,  169,  169,  169,  169,  169,  169,  169,  169,  170,
> -      170,  170,  170,  170,  170,  170,  170,  171,  117,  171,
> -      172,  116,  172,  172,  111,  172,  172,  173,  173,  173,
> -      173,  173,  173,  173,  173,  174,  174,  174,  174,  174,
> -      174,  174,  174,  110,  109,  108,  107,  106,  105,  103,
> -      102,  101,   99,   97,   96,   95,   94,   93,   92,   90,
> -       88,   87,   86,   84,   83,   82,   81,   80,   79,   78,
> -       76,   71,   70,   68,   65,   63,   62,   58,   52,   51,
> -       49,   48,   47,   43,   40,   24,   23,   21,   15,   11,
> -        8,    6,    3,    2,  160,  160,  160,  160,  160,  160,
> +        7,    7,    7,    7,    7,    7,    7,    7,   14,   14,
> +       14,   16,   17,   18,   19,   22,   22,   19,   25,   26,
> +       38,  158,   26,   31,   33,   44,   31,   31,   31,  157,
> +       18,   16,   19,   31,   19,  156,   19,   26,   19,   26,
> +       38,   26,   44,   26,   36,   36,   36,  155,   17,   25,
> +       28,   28,   28,   28,  130,   33,  130,   28,   46,   34,
> +       34,   34,   91,   91,   28,   28,   28,   28,   34,   34,
> +       34,   35,   35,   35,   61,   46,   75,  152,  151,   67,
> +       35,   35,   67,   67,   67,  112,   61,   61,   61,   67,
> +
> +       69,   69,   69,   75,   77,   85,   98,   77,  100,   69,
> +       69,   98,  100,  121,  129,  112,  150,   85,   85,   85,
> +      135,  135,  135,  143,  147,  149,  129,  129,  129,  146,
> +      138,  138,  138,  121,  138,  142,  142,  142,  145,  142,
> +      144,  141,  140,  143,  147,  161,  161,  161,  161,  161,
> +      161,  161,  161,  162,  139,  137,  136,  162,  162,  163,
> +      163,  163,  163,  163,  163,  163,  163,  164,  164,  164,
> +      164,  165,  134,  165,  166,  133,  128,  166,  127,  166,
> +      166,  167,  126,  125,  167,  167,  167,  167,  168,  124,
> +      168,  168,  169,  169,  169,  169,  169,  169,  169,  169,
> +
> +      170,  170,  170,  170,  170,  170,  170,  170,  171,  123,
> +      171,  172,  122,  172,  172,  120,  172,  172,  173,  173,
> +      173,  173,  173,  173,  173,  173,  174,  174,  174,  174,
> +      174,  174,  174,  174,  119,  118,  117,  116,  114,  113,
> +      111,  110,  109,  108,  107,  106,  105,  103,  102,  101,
> +       99,   97,   96,   95,   94,   93,   92,   90,   88,   87,
> +       86,   84,   83,   82,   81,   80,   79,   78,   76,   71,
> +       70,   68,   65,   63,   62,   58,   52,   51,   49,   48,
> +       47,   43,   40,   24,   23,   21,   15,   11,    8,    6,
> +        3,    2,  160,  160,  160,  160,  160,  160,  160,  160,
>  
>        160,  160,  160,  160,  160,  160,  160,  160,  160,  160,
>        160,  160,  160,  160,  160,  160,  160,  160,  160,  160,
>        160,  160,  160,  160,  160,  160,  160,  160,  160,  160,
> -      160,  160,  160,  160,  160,  160,  160,  160,  160,  160
> +      160,  160,  160,  160,  160,  160,  160,  160,  160
>      } ;
>  
>  static yy_state_type yy_last_accepting_state;


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ